How to know local IP on which mail was received on

Discussion:

(too old to reply)

AMM

2024-12-11 05:29:30 UTC

Hello

So I have two IPs configured on my mail server (acting as MX for my domain).

Say public IPs are 1.2.3.4 (eth1) and 5.6.7.8 (eth2)

When I receive email, system logs sender IP but does not log on what IP
the email was received on.

Log line looks like this:

Dec 11 08:26:48 foo1 sm-mta[1707322]: STARTTLS=server,
relay=mail-ed1-f41.google.com [209.85.208.41], version=TLSv1.3,
verify=NOT, cipher=TLS_AES_256_GCM_SHA384, bits=256/256

How do I know if email came on 1.2.3.4 (eth1) or 5.6.7.8 (eth2)?

I want to debug some issue which requires to know local IP the email
came on.

Please do let me know, how to check the same.

Thank you,

AMM

Claus Aßmann

2024-12-11 06:31:39 UTC

Permalink

Post by AMM
How do I know if email came on 1.2.3.4 (eth1) or 5.6.7.8 (eth2)?

What do you currently use for DaemonPortOptions?

you could use multiple DaemonPortOptions and specify
Name User-definable name for the daemon (defaults to "Daemon#")
Addr Address mask (defaults INADDR_ANY)

see doc/op/op.*

Or you could add some custom log entry via a ruleset
using the syslog map and log
${daemon_addr}
The IP address the daemon is listening on for connections.
together with the queue id.

--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.

AMM

2024-12-11 13:55:21 UTC

Permalink

Post by Claus AÃmann
What do you currently use for DaemonPortOptions?
you could use multiple DaemonPortOptions and specify
Name User-definable name for the daemon (defaults to "Daemon#")
Addr Address mask (defaults INADDR_ANY)
see doc/op/op.*

O DaemonPortOptions=Name=MTA-v4, Family=inet

I do not want to change INADDR_ANY because I use standard sendmail.mc
for many mail servers and do not want to customize it for each server.

Post by Claus AÃmann
Or you could add some custom log entry via a ruleset
using the syslog map and log
${daemon_addr}
The IP address the daemon is listening on for connections.
together with the queue id.

Can you provide more help with this? I could not find much help in
doc/op/op.*

I would like change log entry at two places in syslog (systemd journal)

I want to change log entry:
Dec 11 08:26:43 foo1 sm-mta[1707322]: NOQUEUE: connect from
mail-ed1-f41.google.com [209.85.208.41]

to:
Dec 11 08:26:43 foo1 sm-mta[1707322]: NOQUEUE: connect from
mail-ed1-f41.google.com [209.85.208.41] on [1.2.3.4]

And another log entry:
Dec 11 08:26:51 foo1 sm-mta[1707322]: 4AA2uhPr123456:
from=<***@gmail.com>, size=27668, class=0, nrcpts=1, msgid=<...>,
proto=ESMTPS, daemon=MTA-v4, relay=mail-ed1-f41.google.com [209.85.208.41]

to:
Dec 11 08:26:51 foo1 sm-mta[1707322]: 4AA2uhPr123456:
from=<***@gmail.com>, size=27668, class=0, nrcpts=1, msgid=<...>,
proto=ESMTPS, daemon=MTA-v4, relay=mail-ed1-f41.google.com
[209.85.208.41], daemonaddr=[1.2.3.4]

Can this be made the default in future versions of sendmail, as in my
opinion it is an important piece of information to detect connection issues.

OR can the logging be made easier without touching / modifying ruleset?

Thank you and regards

AMM

Claus Aßmann

2024-12-11 19:45:05 UTC

Permalink

Post by AMM

Post by Claus AÃmann
Or you could add some custom log entry via a ruleset

Can you provide more help with this? I could not find much help in
doc/op/op.*

"It's complicated" - you could do some online search for this.
Here's something completely untested:
Klog syslog
SLocal_check_relay
R$+ $| $+ $: $(log daemon_addr=$&{daemon_addr} $)

Post by AMM
I would like change log entry at two places in syslog (systemd journal)

Logging from the binary would need code changes.

Post by AMM
Can this be made the default in future versions of sendmail, as in my
opinion it is an important piece of information to detect connection issues.

The simplest approach is to use multiple DaemonPortOptions,
anything else is (significantly) more complicated.
It shouldn't be hard to write a script which takes the local
network configuration and creates the proper mc entries.

Post by AMM
OR can the logging be made easier without touching / modifying ruleset?

No - see above: code or ruleset.

Grant Taylor

2024-12-12 03:13:47 UTC

Permalink

The simplest approach is to use multiple DaemonPortOptions, anything
else is (significantly) more complicated.

That's what I do.

Though I do wonder if it might be possible to have an abstraction
hostname that is referenced via /etc/hosts on each system.

Presuming that all systems had two IPs and that there is a way to use a
name abstraction; maybe something like this:

DAEMON_OPTIONS(`Family=inet, Address=ip-place-holder-A,
Name=MTA-v4-IP-A')dnl
DAEMON_OPTIONS(`Family=inet, Address=ip-place-holder-B,
Name=MTA-v4-IP-B')dnl

Then have entries like the following in the /etc/hosts file on host1

192.0.2.11 ip-place-holder-A
192.0.2.12 ip-place-holder-B

And similar entries in the /etc/hosts file on host2

192.0.2.21 ip-place-holder-A
192.0.2.22 ip-place-holder-B

This is predicated on if ip-place-holder-A type thing would work in the
config. I don't know.

I've presented the mc (m4) syntax which provides some flexibility to do
some interpretation when compiling the mc (m4) into the cf file. As in
I think you could get m4 to run commands and extract the necessary
information to place in the compiled cf output.

If you do this in the cf file directly, it would be predicated on if if
Sendmail will resolve a hostname in this type of situation or not. I
don't know of this is possible or not.

Both of these would be a change from the current configuration. But
name resolution would allow consistent config files across multiple
systems with the differences being contained in the /etc/hosts file
which already probably has some host specific things like loghost, etc.

--
Grant. . . .